Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS197071.roa
File: AS197071.roa (raw, json)
Hash identifier: NhBFMKgncz1S7aSrpdlW5AhltoaHCK56h4vxs/u+7kw=
Subject key identifier: 93:DE:F7:99:6E:7F:5F:4C:EF:E0:0D:89:AE:A5:90:49:9D:BF:9A:22
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 479C2A2B588E1BB7FCC257A750370589EBD74B77
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS197071.roa
Signing time: Wed 01 Jan 2025 08:53:50 +0000
ROA not before: Wed 01 Jan 2025 08:48:50 +0000
ROA not after: Wed 31 Dec 2025 08:53:50 +0000
asID: 197071
IP address blocks: 191.101.51.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:9c:2a:2b:58:8e:1b:b7:fc:c2:57:a7:50:37:05:89:eb:d7:4b:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jan 1 08:48:50 2025 GMT
Not After : Dec 31 08:53:50 2025 GMT
Subject: CN=93DEF7996E7F5F4CEFE00D89AEA590499DBF9A22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:2f:14:a9:f9:b4:ec:c4:1e:21:89:92:48:e3:
be:ce:37:19:a3:33:3b:dd:11:59:88:e6:ab:6d:9a:
09:fb:7b:d9:fd:f1:22:d6:2b:62:81:71:a3:cb:f4:
01:ca:b8:3c:bd:07:7e:fd:5b:b8:e1:ae:bd:54:24:
2e:e7:0c:1d:69:af:9e:82:20:b4:29:b9:db:c1:e8:
a1:2e:d4:8f:61:aa:fe:f1:84:a1:28:22:34:f7:8d:
2d:b2:90:e2:06:72:46:57:01:08:d4:02:b7:1d:fe:
ee:0c:00:f7:2e:20:49:0a:fe:b4:81:41:e6:42:76:
39:00:74:6a:3d:1f:c6:37:43:7d:38:3b:ef:e8:ec:
96:49:14:1a:81:3c:0a:be:b4:d6:80:25:51:0b:8a:
25:c7:b3:86:dc:29:98:3a:a0:a7:a4:49:95:4b:a4:
33:aa:31:3d:86:48:63:d9:5b:fa:aa:f9:33:4d:ae:
8d:07:dd:90:04:b2:f7:b8:14:81:22:73:da:84:92:
07:35:3f:34:c0:b5:d4:c6:b9:d4:e9:63:23:27:19:
2b:d9:4c:fe:39:21:c0:5c:4d:ce:ff:ce:7a:1b:7a:
ba:0d:68:1a:64:6a:71:51:89:2c:87:3f:29:cb:93:
f2:de:41:44:5b:ed:da:3a:6a:ea:6b:ac:0a:23:72:
66:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:DE:F7:99:6E:7F:5F:4C:EF:E0:0D:89:AE:A5:90:49:9D:BF:9A:22
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS197071.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
191.101.51.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:74:d1:99:dd:ea:de:61:65:73:97:f2:48:a1:55:ba:3b:75:
69:da:27:24:41:65:02:b7:98:18:ac:68:7d:01:2d:c4:d4:35:
d4:77:fe:b2:f2:62:bd:6a:1d:df:8b:74:f0:7b:c3:9c:44:c1:
1d:89:11:9c:04:12:8f:1a:fd:71:13:90:f2:e0:5a:21:24:19:
cf:3a:ed:7c:70:6c:90:a4:84:4c:c2:5a:c0:1d:7e:af:21:33:
b9:74:7c:01:a4:3a:30:4e:90:35:61:cc:28:a1:74:0a:1b:91:
c9:eb:e7:c3:8a:fe:65:58:08:86:11:5b:23:de:fb:5a:f4:19:
7a:b3:79:fd:c1:94:40:51:d3:5f:a4:f4:cc:ec:59:be:30:d5:
9b:c4:f5:09:70:fa:ff:39:d2:9f:e7:31:91:76:b1:6e:5d:d1:
7f:ba:fb:95:12:5c:91:51:a2:56:2e:2b:9b:b5:b2:9e:9a:76:
ec:ba:0b:af:25:7e:aa:f2:31:e5:a3:6e:4b:1e:1c:d9:e4:63:
24:35:91:15:99:0a:77:ad:87:25:da:a4:c3:49:3d:ef:49:28:
25:ff:e1:53:08:69:ff:f7:ea:a3:ed:45:51:eb:a8:10:3e:49:
b9:93:7f:f4:86:e9:f8:5f:13:ed:61:fd:26:bc:ba:4e:84:13:
d7:6c:cc:d9
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUR5wqK1iOG7f8wlenUDcFievXS3cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTAxMDEwODQ4NTBaFw0yNTEyMzEwODUzNTBaMDMxMTAvBgNV
BAMTKDkzREVGNzk5NkU3RjVGNENFRkUwMEQ4OUFFQTU5MDQ5OURCRjlBMjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4LxSp+bTsxB4hiZJI477ONxmj
MzvdEVmI5qttmgn7e9n98SLWK2KBcaPL9AHKuDy9B379W7jhrr1UJC7nDB1pr56C
ILQpudvB6KEu1I9hqv7xhKEoIjT3jS2ykOIGckZXAQjUArcd/u4MAPcuIEkK/rSB
QeZCdjkAdGo9H8Y3Q304O+/o7JZJFBqBPAq+tNaAJVELiiXHs4bcKZg6oKekSZVL
pDOqMT2GSGPZW/qq+TNNro0H3ZAEsve4FIEic9qEkgc1PzTAtdTGudTpYyMnGSvZ
TP45IcBcTc7/znoberoNaBpkanFRiSyHPynLk/LeQURb7do6auprrAojcmZfAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUk973mW5/X0zv4A2JrqWQSZ2/miIwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTk3MDcxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAv2Uz
MA0GCSqGSIb3DQEBCwUAA4IBAQCbdNGZ3ereYWVzl/JIoVW6O3Vp2ickQWUCt5gY
rGh9AS3E1DXUd/6y8mK9ah3fi3Twe8OcRMEdiRGcBBKPGv1xE5Dy4FohJBnPOu18
cGyQpIRMwlrAHX6vITO5dHwBpDowTpA1YcwooXQKG5HJ6+fDiv5lWAiGEVsj3vta
9Bl6s3n9wZRAUdNfpPTM7Fm+MNWbxPUJcPr/OdKf5zGRdrFuXdF/uvuVElyRUaJW
LiubtbKemnbsuguvJX6q8jHlo25LHhzZ5GMkNZEVmQp3rYcl2qTDST3vSSgl/+FT
CGn/9+qj7UVR66gQPkm5k3/0hun4XxPtYf0mvLpOhBPXbMzZ
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:32:28 2025 by rpki-client